X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsettings.php;h=a75230f339fb26d6d7657e7512ab8718891d3fcf;hb=759015e5fd3ec4a5a9c19203dd18f72144127f26;hp=09a45f832a44e0a4cd076095d52d54daa82f0aa2;hpb=1392c58377b462c10f9db5edc97cd82d3a683dc7;p=friendica.git diff --git a/mod/settings.php b/mod/settings.php index 09a45f832a..a75230f339 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -16,6 +16,11 @@ function get_theme_config_file($theme){ function settings_init(&$a) { + if (function_exists("apc_delete")) { + $toDelete = new APCIterator('user', APC_ITER_VALUE); + apc_delete($toDelete); + } + // These lines provide the javascript needed by the acl selector $tpl = get_markup_template("settings-head.tpl"); @@ -30,7 +35,7 @@ function settings_init(&$a) { 'label' => t('Account settings'), 'url' => $a->get_baseurl(true).'/settings', 'selected' => (($a->argc == 1)?'active':''), - ), + ), array( 'label' => t('Additional features'), 'url' => $a->get_baseurl(true).'/settings/features', @@ -40,8 +45,8 @@ function settings_init(&$a) { 'label' => t('Display settings'), 'url' => $a->get_baseurl(true).'/settings/display', 'selected' => (($a->argc > 1) && ($a->argv[1] === 'display')?'active':''), - ), - + ), + array( 'label' => t('Connector settings'), 'url' => $a->get_baseurl(true).'/settings/connectors', @@ -68,7 +73,7 @@ function settings_init(&$a) { 'selected' => '' ) ); - + $tabtpl = get_markup_template("generic_links_widget.tpl"); $a->page['aside'] = replace_macros($tabtpl, array( '$title' => t('Settings'), @@ -96,19 +101,19 @@ function settings_post(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){ check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); - + $key = $_POST['remove']; q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_user()); goaway($a->get_baseurl(true)."/settings/oauth/"); - return; + return; } if(($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit'||($a->argv[2] === 'add')) && x($_POST,'submit')) { - + check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); - + $name = ((x($_POST,'name')) ? $_POST['name'] : ''); $key = ((x($_POST,'key')) ? $_POST['key'] : ''); $secret = ((x($_POST,'secret')) ? $_POST['secret'] : ''); @@ -116,7 +121,7 @@ function settings_post(&$a) { $icon = ((x($_POST,'icon')) ? $_POST['icon'] : ''); if ($name=="" || $key=="" || $secret==""){ notice(t("Missing some important data!")); - + } else { if ($_POST['submit']==t("Update")){ $r = q("UPDATE clients SET @@ -236,7 +241,7 @@ function settings_post(&$a) { call_hooks('connector_settings_post', $_POST); return; } - + if(($a->argc > 1) && ($a->argv[1] === 'features')) { check_form_security_token_redirectOnErr('/settings/features', 'settings_features'); foreach($_POST as $k => $v) { @@ -249,12 +254,13 @@ function settings_post(&$a) { } if(($a->argc > 1) && ($a->argv[1] === 'display')) { - + check_form_security_token_redirectOnErr('/settings/display', 'settings_display'); $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : $a->user['theme']); $mobile_theme = ((x($_POST,'mobile_theme')) ? notags(trim($_POST['mobile_theme'])) : ''); - $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); + $nosmile = ((x($_POST,'nosmile')) ? intval($_POST['nosmile']) : 0); + $infinite_scroll = ((x($_POST,'infinite_scroll')) ? intval($_POST['infinite_scroll']) : 0); $browser_update = ((x($_POST,'browser_update')) ? intval($_POST['browser_update']) : 0); $browser_update = $browser_update * 1000; if($browser_update < 10000) @@ -263,6 +269,9 @@ function settings_post(&$a) { $itemspage_network = ((x($_POST,'itemspage_network')) ? intval($_POST['itemspage_network']) : 40); if($itemspage_network > 100) $itemspage_network = 100; + $itemspage_mobile_network = ((x($_POST,'itemspage_mobile_network')) ? intval($_POST['itemspage_mobile_network']) : 20); + if($itemspage_mobile_network > 100) + $itemspage_mobile_network = 100; if($mobile_theme !== '') { @@ -271,7 +280,9 @@ function settings_post(&$a) { set_pconfig(local_user(),'system','update_interval', $browser_update); set_pconfig(local_user(),'system','itemspage_network', $itemspage_network); + set_pconfig(local_user(),'system','itemspage_mobile_network', $itemspage_mobile_network); set_pconfig(local_user(),'system','no_smilies',$nosmile); + set_pconfig(local_user(),'system','infinite_scroll',$infinite_scroll); if ($theme == $a->user['theme']){ @@ -300,7 +311,8 @@ function settings_post(&$a) { if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { $newpass = $_POST['npassword']; - $confirm = $_POST['confirm']; + $confirm = $_POST['confirm']; + $oldpass = hash('whirlpool', $_POST['opassword']); $err = false; if($newpass != $confirm ) { @@ -311,7 +323,15 @@ function settings_post(&$a) { if((! x($newpass)) || (! x($confirm))) { notice( t('Empty passwords are not allowed. Password unchanged.') . EOL); $err = true; - } + } + + // check if the old password was supplied correctly before + // changing it to the new value + $r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user())); + if( $oldpass != $r[0]['password'] ) { + notice( t('Wrong password.') . EOL); + $err = true; + } if(! $err) { $password = hash('whirlpool',$newpass); @@ -394,8 +414,17 @@ function settings_post(&$a) { if($email != $a->user['email']) { $email_changed = true; + // check for the correct password + $r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user())); + $password = hash('whirlpool', $_POST['password']); + if ($password != $r[0]['password']) { + $err .= t('Wrong Password') . EOL; + $email = $a->user['email']; + } + // check the email is valid if(! valid_email($email)) - $err .= t(' Not valid email.'); + $err .= t(' Not valid email.'); + // ensure new email is not the admin mail if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) { $err .= t(' Cannot change to that email.'); $email = $a->user['email']; @@ -489,10 +518,12 @@ function settings_post(&$a) { $r = q("UPDATE `profile` SET `publish` = %d, + `name` = '%s', `net-publish` = %d, `hide-friends` = %d WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", intval($publish), + dbesc($username), intval($net_publish), intval($hide_friends), intval(local_user()) @@ -554,13 +585,7 @@ function settings_content(&$a) { if(($a->argc > 2) && ($a->argv[2] === 'add')) { $tpl = get_markup_template("settings_oauth_edit.tpl"); - - $includes = array( - '$field_input' => 'field_input.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - - $o .= replace_macros($tpl, $includes + array( + $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Submit'), @@ -586,13 +611,7 @@ function settings_content(&$a) { $app = $r[0]; $tpl = get_markup_template("settings_oauth_edit.tpl"); - - $includes = array( - '$field_input' => 'field_input.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - - $o .= replace_macros($tpl, $includes + array( + $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_oauth"), '$title' => t('Add application'), '$submit' => t('Update'), @@ -623,8 +642,8 @@ function settings_content(&$a) { WHERE clients.uid IN (%d,0)", local_user(), local_user()); - - + + $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_oauth"), @@ -639,19 +658,19 @@ function settings_content(&$a) { '$apps' => $r, )); return $o; - + } if(($a->argc > 1) && ($a->argv[1] === 'addon')) { $settings_addons = ""; - + $r = q("SELECT * FROM `hook` WHERE `hook` = 'plugin_settings' "); if(! count($r)) $settings_addons = t('No Plugin settings configured'); call_hooks('plugin_settings', $settings_addons); - - + + $tpl = get_markup_template("settings_addons.tpl"); $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_addon"), @@ -662,7 +681,7 @@ function settings_content(&$a) { } if(($a->argc > 1) && ($a->argv[1] === 'features')) { - + $arr = array(); $features = get_features(); foreach($features as $fname => $fdata) { @@ -675,13 +694,7 @@ function settings_content(&$a) { $tpl = get_markup_template("settings_features.tpl"); - - $includes = array( - '$field_yesno' => 'field_yesno.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - - $o .= replace_macros($tpl, $includes + array( + $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_features"), '$title' => t('Additional Features'), '$features' => $arr, @@ -693,7 +706,7 @@ function settings_content(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'connectors')) { $settings_connectors = ""; - + call_hooks('connector_settings', $settings_connectors); $diasp_enabled = sprintf( t('Built-in support for %s connectivity is %s'), t('Diaspora'), ((get_config('system','diaspora_enabled')) ? t('enabled') : t('disabled'))); @@ -733,16 +746,7 @@ function settings_content(&$a) { } - $includes = array( - '$field_checkbox' => 'field_checkbox.tpl', - '$field_input' => 'field_input.tpl', - '$field_select' => 'field_select.tpl', - '$field_custom' => 'field_custom.tpl', - '$field_password' => 'field_password.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - - $o .= replace_macros($tpl, $includes + array( + $o .= replace_macros($tpl, array( '$form_security_token' => get_form_security_token("settings_connectors"), '$title' => t('Connector Settings'), @@ -814,48 +818,46 @@ function settings_content(&$a) { } $theme_selected = (!x($_SESSION,'theme')? $default_theme : $_SESSION['theme']); $mobile_theme_selected = (!x($_SESSION,'mobile-theme')? $default_mobile_theme : $_SESSION['mobile-theme']); - + $browser_update = intval(get_pconfig(local_user(), 'system','update_interval')); $browser_update = (($browser_update == 0) ? 40 : $browser_update / 1000); // default if not set: 40 seconds $itemspage_network = intval(get_pconfig(local_user(), 'system','itemspage_network')); $itemspage_network = (($itemspage_network > 0 && $itemspage_network < 101) ? $itemspage_network : 40); // default if not set: 40 items - + $itemspage_mobile_network = intval(get_pconfig(local_user(), 'system','itemspage_mobile_network')); + $itemspage_mobile_network = (($itemspage_mobile_network > 0 && $itemspage_mobile_network < 101) ? $itemspage_mobile_network : 20); // default if not set: 20 items + $nosmile = get_pconfig(local_user(),'system','no_smilies'); $nosmile = (($nosmile===false)? '0': $nosmile); // default if not set: 0 + $infinite_scroll = get_pconfig(local_user(),'system','infinite_scroll'); + $infinite_scroll = (($infinite_scroll===false)? '0': $infinite_scroll); // default if not set: 0 $theme_config = ""; if( ($themeconfigfile = get_theme_config_file($theme_selected)) != null){ require_once($themeconfigfile); $theme_config = theme_content($a); } - - $tpl = get_markup_template("settings_display.tpl"); - $includes = array( - '$field_themeselect' => 'field_themeselect.tpl', - '$field_checkbox' => 'field_checkbox.tpl', - '$field_input' => 'field_input.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - - $o = replace_macros($tpl, $includes + array( + $tpl = get_markup_template("settings_display.tpl"); + $o = replace_macros($tpl, array( '$ptitle' => t('Display Settings'), '$form_security_token' => get_form_security_token("settings_display"), '$submit' => t('Submit'), '$baseurl' => $a->get_baseurl(true), '$uid' => local_user(), - + '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes, true), '$mobile_theme' => array('mobile_theme', t('Mobile Theme:'), $mobile_theme_selected, '', $mobile_themes, false), '$ajaxint' => array('browser_update', t("Update browser every xx seconds"), $browser_update, t('Minimum of 10 seconds, no maximum')), '$itemspage_network' => array('itemspage_network', t("Number of items to display per page:"), $itemspage_network, t('Maximum of 100 items')), + '$itemspage_mobile_network' => array('itemspage_mobile_network', t("Number of items to display per page when viewed from mobile device:"), $itemspage_mobile_network, t('Maximum of 100 items')), '$nosmile' => array('nosmile', t("Don't show emoticons"), $nosmile, ''), - + '$infinite_scroll' => array('infinite_scroll', t("Infinite scroll"), $infinite_scroll, ''), + '$theme_config' => $theme_config, )); - + $tpl = get_markup_template("settings_display_end.tpl"); $a->page['end'] .= replace_macros($tpl, array( '$theme' => array('theme', t('Display Theme:'), $theme_selected, '', $themes) @@ -863,8 +865,8 @@ function settings_content(&$a) { return $o; } - - + + /* * ACCOUNT SETTINGS */ @@ -926,13 +928,7 @@ function settings_content(&$a) { $pageset_tpl = get_markup_template('pagetypes.tpl'); - - $includes = array( - '$field_radio' => 'field_radio.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - - $pagetype = replace_macros($pageset_tpl,$includes + array( + $pagetype = replace_macros($pageset_tpl, array( '$page_normal' => array('page-flags', t('Normal Account Page'), PAGE_NORMAL, t('This account is a normal personal profile'), ($a->user['page-flags'] == PAGE_NORMAL)), @@ -1053,17 +1049,26 @@ function settings_content(&$a) { require_once('include/group.php'); $group_select = mini_group_select(local_user(),$a->user['def_gid']); - $includes = array( - '$field_password' => 'field_password.tpl', - '$field_input' => 'field_input.tpl', - '$field_custom' => 'field_custom.tpl', - '$field_checkbox' => 'field_checkbox.tpl', - '$field_yesno' => 'field_yesno.tpl', - '$field_intcheckbox' => 'field_intcheckbox.tpl', - ); - $includes = set_template_includes($a->theme['template_engine'], $includes); - $o .= replace_macros($stpl,$includes + array( + // Private/public post links for the non-JS ACL form + $private_post = 1; + if($_REQUEST['public']) + $private_post = 0; + + $query_str = $a->query_string; + if(strpos($query_str, 'public=1') !== false) + $query_str = str_replace(array('?public=1', '&public=1'), array('', ''), $query_str); + + // I think $a->query_string may never have ? in it, but I could be wrong + // It looks like it's from the index.php?q=[etc] rewrite that the web + // server does, which converts any ? to &, e.g. suggest&ignore=61 for suggest?ignore=61 + if(strpos($query_str, '?') === false) + $public_post_link = '?public=1'; + else + $public_post_link = '&public=1'; + + + $o .= replace_macros($stpl, array( '$ptitle' => t('Account Settings'), '$submit' => t('Submit'), @@ -1075,6 +1080,8 @@ function settings_content(&$a) { '$h_pass' => t('Password Settings'), '$password1'=> array('npassword', t('New Password:'), '', ''), '$password2'=> array('confirm', t('Confirm:'), '', t('Leave password fields blank unless changing')), + '$password3'=> array('opassword', t('Current Password:'), '', t('Your current password to confirm the changes')), + '$password4'=> array('password', t('Password:'), '', t('Your current password to confirm the changes')), '$oid_enable' => (! get_config('system','no_openid')), '$openid' => $openid_field, @@ -1097,6 +1104,17 @@ function settings_content(&$a) { '$blockwall'=> $blockwall, // array('blockwall', t('Allow friends to post to your profile page:'), !$blockwall, ''), '$blocktags'=> $blocktags, // array('blocktags', t('Allow friends to tag your posts:'), !$blocktags, ''), + // ACL permissions box + '$acl_data' => construct_acl_data($a, $a->user), // For non-Javascript ACL selector + '$group_perms' => t('Show to Groups'), + '$contact_perms' => t('Show to Contacts'), + '$private' => t('Default Private Post'), + '$public' => t('Default Public Post'), + '$is_private' => $private_post, + '$return_path' => $query_str, + '$public_link' => $public_post_link, + '$settings_perms' => t('Default Permissions for New Posts'), + '$group_select' => $group_select,